cppcheck/cve-test-suite
Oliver Stöneberg f46a9e3543
fixed/excluded some shellcheck warnings and actually fail the build when something is found (#3068)
2021-01-20 18:43:49 +01:00
cve-2018-5334.c cve test suite: Added more test cases 2018-10-04 18:07:11 +02:00
cve-2018-6836.c cve-test-suite: tweak cve-2018-6836 test 2018-10-04 18:14:54 +02:00
cve-2018-11360.c cve test suite: Added more test cases 2018-10-04 18:07:11 +02:00
cve-2018-1000618.cpp Add a test-suite based on CVE vulnerabilities 2018-10-04 17:24:39 +02:00
download.sh fixed/excluded some shellcheck warnings and actually fail the build when something is found (#3068) 2021-01-20 18:43:49 +01:00
readme.txt

Background
==========
The CVE database contains known vulnerabilities in various source code projects. For instance, to list known "overflow" vulnerabilities, this link can be used:
https://www.cvedetails.com/vulnerability-list/cweid-119/vulnerabilities.html

Many issues in the CVE database are "out of reach" for static analysis because detecting them requires domain knowledge etc.

However, there are also issues that could be "possible" to detect with static analysis.

For each issue we come across that we think is "possible" to detect with static analysis, we can create a file in this folder. The filename is the CVE id. The file should contain this info:
 * Recommended: a URL that can be used to download the source code, and the file with the bug
 * Description
 * Reduced example code. The code should be plain C/C++ without dependencies.

Possible usages:
================
The test cases can inspire future Cppcheck development.

These files could be used for a quick and easy tool evaluation, for Cppcheck and other tools. Because only plain C/C++ is used, tools should have all the info they need, so hopefully no extra configuration is needed.

An extended tool evaluation can use the real source code. It's possible to look up the real source code using the CWE id. However, in such a tool evaluation, the tools must be configured properly.